Technical Whitepaper

Purpose
This white paper is intended to provide the reader with a brief overview of relevant
document security issues and technologies, as well as to introduce the Adobe suite of document
security solutions. Te white paper also summarizes Adobe implementations for document
control and digital signatures.
Executive summary
As organizations move more business processes online, protecting the condentiality and
privacy of information used during these processes, as well as providing authenticity and
integrity, are essential. Because many automated processes rely on electronic documents that
contain sensitive information, organizations must properly protect these documents. Many
information security solutions attempt to protect electronic documents only at their storage
location or during transmission. However, these solutions do not provide protection for the
entire lifecycle of an electronic document. When the document reaches the recipient, the
protection is lost, and the document can be intentionally or unintentionally forwarded to and
viewed by unauthorized recipients.
A signicantly more efective solution is to protect a document by assigning security parameters
that travel with it. Six criteria must be met in order to provide more efective protection for an
electronic document throughout its lifecycle:
1 Condentiality
2 Authorization
3 Accountability
4 Integrity
5 Authenticity
6 Non-repudiation
Te two major security techniques used to establish these six document security criteria are
document control and digital signatures.
Te Adobe suite of security solutions delivers document control and digital signature services that
simplify the process of protecting sensitive electronic documents and forms. Organizations can
easily integrate Adobe document security solutions into current business processes and enterprise
infrastructure to support a wide range of simple and complex processes. Adobe solutions
dynamically protect electronic documents inside and outside the network, online and ofine to
provide persistent, end-to-end protection throughout an electronic documents lifecycle.
7abIe of contents
1 Executive summary
2 Introduction
3 How to provide persistent
document security
4 Document control
4 Condentialityencryption
5 Authorization
6 Accountability
6 Digital signatures
6 Integrity
7 Authenticity
7 Non-repudiation
7 Public key infrastructure
8 Adobe security solutions
for end-to-end document
protection
9 Summary of Adobe security
capabilities
9 Adobe Acrobat and Adobe
Reader
10 Adobe LiveCycle Reader
Extensions
10 Adobe LiveCycle Rights
Management ES
11 Adobe LiveCycle Digital
Signatures ES
12 Summary of Adobe document
control implementation
12 Summary of Adobe digital
signature implementation
13 Partner integrations
13 Conclusion
13 Appendix: Adobe standards
and technology
A primer on electronic
document security
How document control and digital signatures
protect electronic documents
2 A primer on electronic document security
Introduction
As organizations move more business processes online, protecting the condentiality and privacy
of the information used during these processes is essential. Because many automated processes rely
on electronic documents that contain mission-critical, personal, and sensitive information,
organizations must make signicant investments to properly protect these documents.
Tere are three main reasons that organizations need to address the security of electronically
shared documents:
Regulatory requirementsMany companies are directly or indirectly afected by government
mandates and regulations for providing consumer privacy. Tese include:
Health Insurance Portability and Accountability Act (HIPAA)Protection for health-related data
Gramm-Leach-Bliley ActFinancial privacy
European Union Directive on Privacy and Electronic Communications
Privacy Acts of Japan and Australia
California SB 1368Privacy notication
California AB 1950Protection of customer data
Return on investment (ROI)Organizations can achieve signicant ROI by migrating to
electronic business processes. Automated workows allow prospects, customers, partners, and
suppliers to participate, enabling organizations to reap signicant cost savings while improving
customer satisfaction and loyalty. However, many workows cannot be automated until
adequate protections are put in place on the electronically shared information. For instance, how
can you be sure that the bank statement you received is truly from your bank (authenticity), that
it has not been altered in transit (integrity), and that it has not been viewed by someone other
than the intended recipient (condentiality)?
Information securityTefs of proprietary information are increasing, which can jeopardize
revenue, competitive advantage, and customer relationships; generate negative publicity; and
result in signicant penalties and nes for failure to comply with privacy laws.
Many information security solutions attempt to protect electronic documents only at
their storage location or during transmission. For example, organizations rely on document
management systems and virtual private networks (VPNs) to protect documents. With this
approach document security remains a problem because these solutions secure only the
communication line or storage site; they do not provide protection for the actual content of an
electronic document throughout its lifecycle. When the document reaches the recipient, the
protection is lost, and the document can be intentionally or unintentionally forwarded to and
viewed by unauthorized recipients. Consequently, many organizations are forced to engage in an
inconsistent combination of online and paper processes in which sensitive documents must still
be printed and physically delivered to achieve adequate security. As a result, the potential
benets of online processing cannot be fully realized.
3 A primer on electronic document security
How to provide persistent document security
A signicantly more efective solution for protecting an electronic document is to assign security
parameters that are an integral part of the document itself. Te following criteria dene
persistent document security:
CondentialityWho should have access to the document?
AuthorizationWhat permissions does the user have for working with the document?
AccountabilityWhat has the recipient done with the document?
IntegrityHow do you know if the document has been altered?
AuthenticityHow do you know where the document came from?
Non-repudiationCan the signatory deny signing the document?
1
F
S
T
J
T
U
F
O
D
F
1
F
S
T
J
T
U
F
O
D
F
$
P
O
m
E
F
O
U
J
B
M
J
U
Z

F
O
D
S
Z
Q
U
J
P
O
"VUIPSJ[BUJPO
"
D
D
P
V
O
U
B
C
J
M
J
U
Z
*
O
U
F
H
S
J
U
Z
"VUIFOUJDJUZ
/
P
O

3
F
Q
V
E
J
B
U
J
P
O
%
P
D
V
N
F O U $
P
O
U
S
P
M
%
J
H
J
U
B
M 4 J H O
B
U
V
S
F
T
Six key criteria for providing persistent document security
4FDVSF5IJT%PDVNFOU
3FWPLF5IJT%PDVNFOU
7JFX"VEJU)JTUPSZ'PS5IJT%PDVNFOU
%P/PU"MMPX1SJOUJOHPG5IJT%PDVNFOU
4FDVSF1%'%FMJWFSZ
%PDVNFOU$POUSPM
Document control provides condentiality, authorization, and accountability. The illustration above shows some of the
document control options available with Adobe LiveCycle Policy Server and Adobe Acrobat software.
Te following sections survey the major technologies used to provide document control and
digital signatures and identify the technologies Adobe has implemented for its document
security solutions.
Document control plus digital signatures
means persistent document security
4 A primer on electronic document security
Document control
CondentiaIityencryption
Encryption is the process of transforming information (plaintext) into an incomprehensible
form (ciphertext). Encryption is an efective technique for managing document access.
Decryption is the reverse process that transforms ciphertext back to the original plaintext.
Cryptography refers to the two processes of encryption and decryption and its implementation
is referred to as a cryptosystem.
Popular encryption systems use the concept of keys. An encryption key is data that combines
with an encryption algorithm to create ciphertext from plaintext and recover plaintext from
ciphertext. Today, security experts widely agree on Kerckhofs principle as the basis of an
efective cryptosystem. Kerckhofs principle states that the key is the only portion of a
cryptosystem that must remain secret for the entire system to be secure. If the strength of the
cryptosystem relies on the fact that an attacker does not know how the algorithm works, then it
is just a matter of time before it can be reverse-engineered and broken.
Two main types of encryption keys include symmetric and asymmetric.
Symmetric keys
Symmetric key cryptography uses the same key for both encryption and decryption and is very
fast and difcult to break with large keys. However, because both parties need the same key for
efective communication to occur, key distribution becomes an issue. Today, common
symmetric key encryption algorithms are AES, DES, 3DES, and RC4. Adobe products leverage
AES (128- and 256-bit) and RC4 (128-bit), as they have evolved into very strong standards.
Asymmetric keys
Asymmetric key cryptography, also called public key cryptography, uses key pairs for encryption
and decryption. For instance, if the rst key encrypts the content, then the second key of the pair
decrypts the content. Similarly, if the second key is used to encrypt the information, then the
rst key must be used to decrypt the content.
Typically, one key in the pair is labeled as the public key and the other as the private key. An
individual keeps the private key secret, while the public key is freely distributed to others who
wish to communicate with the individual. When someone wishes to send the individual a
condential message, he or she can encrypt it with the freely available public key and send the
ciphertext to the individual. Because the individual is the only one who has the private key, he or
she is the only one who can decrypt the content.
Asymmetric keys help solve the key distribution problem, but the algorithms tend to be slower
for equivalent strengths. Some common asymmetric algorithms are RSA, DSA, and El Gamal.
Adobe leverages RSA (512-, 1024-, and 2048-bit) as it has evolved into a global standard.
Hybrid Encryption
Security systems tend to use a hybrid solution to increase the security and speed of encrypting
documents. One approach is to use asymmetric keys to protect the symmetric keys, and then use
the symmetric keys for encrypting the information. Tis technique helps to solve both the key
distribution challenge of symmetric key cryptography while solving the performance problem of
asymmetric key cryptography. Adobe Acrobat sofware leverages hybrid approaches so single
documents can be protected for multiple recipients, each possessing unique key pairs. Te le
size is not signicantly increased during this method because the entire document does not need
to be encrypted for each person. Instead, the document is encrypted with a single symmetric key
and that symmetric key is encrypted for each recipient with their respective public key.
5 A primer on electronic document security
Authorization
In addition to managing who can open a document, organizations gain additional protection
through authorization. Authorization species what a user can do with a document and is
achieved via permissions and dynamic document control.
Permissions govern a users actions while working with a protected document. Permissions
can specify whether or not a recipient who has access to the document is allowed to print or
copy content, ll in elds, add comments or annotate the document, insert or remove pages,
forward the document, access the document ofne, digitally sign the document, and so forth.
Dynamic document control maintains access rights and permissions assigned to an electronic
document once it has been published and distributed. A documents author can make changes
to a released document without having to manually redistribute it since the changes are
automatically pushed to all existing versions of the document no matter where they reside.
Using dynamic document control, organizations can manage and monitor electronic
document use inside and outside the rewall, online and ofne, and across multiple documents.
Dynamic document control includes the following capabilities:
Document expiration and revocationPost-publication document control can
be maintained through the application of expiration dates and the ability to revoke access to a
document. For example, an author can send a document that will expire in two weeks so that
recipients will not be able to access it once the expiration date has passed. Or, access to a
document can be automatically revoked if an authorized recipient leaves the project or changes
departments.
Ofne access managementOrganizations can manage how long an authorized recipient can
access a document ofne. Once the specied length of time has passed, the recipient can no
longer view the document and must go back online to gain further access. Any access or
permission changes that the author has made to the distributed document will be applied when
the recipient goes back online.
Persistent version controlContent and document management systems provide an efective
mechanism for version control as long as a document stays within the connes of the system.
Persistent version control expands on these capabilities by maintaining version control outside
the system and ofne. It allows document authors to make changes to a documents usage
policies and prevent the obsolete version from being accessed while providing end users with
the location of the updated version, no matter where the document resides.
EpdvnfouTfdvsjuz
Qpmjdz!Tfswfs Qpmjdz!Tfswfs
EpdvnfouSftusjdujpotTvnnbsz
EpdvnfouTfdvsjuz
UifepdvnfoutTfdvsjuz Nfuipesftusjdutxibudbocfepofupuifepdvnfou/Upsfnpwf
tfdvsjuzsftusjdujpot-tfuuifTfdvsjuz NfuipeupOpTfdvsjuz/
Eftdsjqujpo
TfdvsjuzNfuipe; DibohfTfuujoht///
Dbocfpqfofecz; BmmwfstjpotpgBdspcbu
! Qsjoujoh; Bmmpxfe
!DibohjohuifEpdvnfou; Bmmpxfe
! EpdvnfouBttfncmz; Bmmpxfe
EpdvnfouQspqfsujft
JojujbmWjfx Gpout Dvtupn Bewboft Tfdvsjuz
DibohfTfuujoht///
TipxEfubjmt/// TipxEfubjmt///
EpdvnfouSftusjdujpotTvnnbsz
EpdvnfouTfdvsjuz
1SJOUJOH
$POUFOU$PQZJOHPS&YUSBDUJPO
$POUFOU&YUSBDUJPOGPS"DDFTTJCJMJUZ
$PNNFOUJOH
'JMMJOHPG'PSN'JFMET
Authorization is achieved via permissions and dynamic document control. These are some of the authorization options
and levels of dynamic document control available with Adobe Acrobat and Adobe LiveCycle Policy Server.
6 A primer on electronic document security
AccountabiIity
Document auditing allows organizations to maintain accountability with regard to the use of
protected documents, because they can know precisely:
How a recipient has used a document
How ofen each type of usage occurred
When that usage occurred
Accountability is achieved when an author can track each recipients use of a document for each
permission assigned (such as allowing a user to ll in elds on a form, print, forward, save a copy,
and so forth.) Auditing should include automatic notications about the use of protected
documents. For example, a customer service representative sends a customer a time-critical
electronic statement that requires an action on the customers part, such as a reply or digital
signature. Once the customer receives the electronic document, the representative is
automatically notied when the customer opens it. If the customer fails to open the document,
the representative is notied afer 24 hours. Alternatively, a customer relationship management
(CRM) system can leverage failure notication to initiate an escalation or specic follow-up task
by the customer service representative.
Digital signatures
When enterprises distribute documents electronically, it is ofen important that recipients can verify:
Tat the content has not been altered (integrity)
Tat the document is coming from the actual person who sent it (authenticity)
Tat an individual who has signed the document cannot deny the signature (non-repudiation)
Digital signatures address these security requirements by providing greater assurances of
document integrity, authenticity, and non-repudiation.
Integrity
Digital signatures enable recipients to verify the integrity of an electronic document that is used
in one-way or round-trip workows. For example, when a digital signature is applied to a
quarterly nancial statement, recipients have more assurance that the nancial information has
not been altered since it was sent. Methods for maintaining integrity include:
Parity bits or cyclical redundancy checking (CRC) functionsCRC functions work well for
unintentional modications, such as wire interference, but they can be circumvented by a
clever attacker.
One-way hashA one-way hash creates a xed-length value, called the hash value or message
digest for a message of any length. A hash is like a unique ngerprint. With a hash attached to
the original message, a recipient can determine if the message was altered by recomputing the
hash and comparing his or her answer to the attached hash. Common hashing algorithms are
MD5, SHA-1, and SHA-256. Adobe has adopted the SHA-1 and SHA-256 algorithms because of
their wide acceptance as a security standard.
Message Authentication Codes (MAC)A MAC prevents an attacker from obtaining the
original message, modifying it, and attaching a new hash. In this case, a symmetric key is
connected to the MAC and then hashed (HMAC). Without the key, an attacker cannot forge a
new message. Adobe uses HMACs where appropriate.
Pinal Peviewer - Por verification Purposes
Digitally signed by 1ohn Smith
Dn: CN 1ohn Smith, C US
Date: 2004.l0.ll ll:06:23 - 07'00' 1ohn Smith
*OUFHSJUZ
Digital signatures verify
the integrity of an
electronic document
7 A primer on electronic document security
Authenticity
Digital signatures provide document authenticity by verifying a signers digital identity. For
example, a digitally signed quarterly nancial statement allows recipients to verify the identity of
the sender and assures them that the nancial information has not been altered since it was sent.
Digital signatures are created using asymmetric key cryptography. For document encryption, a
documents author encrypts a document using a public key. Because the recipient is the only
person with the private key, he or she is the only one who can decrypt the message. Digital
signatures reverse the use of public and private keys for document authenticity. Te author
encrypts the hash of the message with a private key. Only the public key can correctly decrypt
the hash and use it to see if it matches a new hash of the document. Because recipients of the
document have the authors public key, they gain greater assurances that the individual who
signed the document was the person who encrypted the original hash.
The process that constitutes a digital signature is as follows:
A hash is created of the original document.
Te digital signature is created, which encrypts the hash with a private key.
Te signature is included with the document.
Adobe Acrobat supports multiple digital signatures placed anywhere in the document for proper
presentation. In fact, Adobe Acrobat tracks all previously signed versions within the document
for easy verication of changes made during the documents lifecycle. Furthermore, Adobe ofers
a certied signature, which is the rst signature on the document. With a certied signature,
the author can specify what changes are allowed for integrity purposes. Adobe Acrobat will then
detect and prevent those modications. "VUIFOUJDJUZ
Pinal Peviewer - Por verificationPurposes
Digitally signed by 1ohn Smith
Dn: CN 1ohn Smith, C US
Date: 2004.l0.ll ll:06:23 - 07'00' 1ohn Smith
$FSUJmDBUF"VUIPSJUZ
Digital signatures verifying a signers digital identity
Adobe Acrobat tracks all previously signed
versions within the document for easy
verication of changes made during the
documents lifecycle
Non-repudiation
Non-repudiation is a document security service that prevents the signor of the document from
denying that they signed the document. Support for this service is ofen driven by authentication
and time-stamping capabilities.
PubIic key infrastructure (PkI)
Public key infrastructure (PKI) mainly provides a digital certicate that enables a documents
recipient to know whether or not a specic public key really belongs to a specic individual.
Digital certicates bind a person (or entity) to a public key. Certicate authorities (CA) issue
these certicates and recipients must trust the CA who issued the certicate. X.509 is the widely
accepted certicate standard that Adobe uses.
If a certicate expires or a private key is compromised, the CA will revoke the certicate and
record the revocation. As part of the process of authenticating a digital certicate, recipients
can check the certicates status. Certicate validity can be checked using the following
standard methods:
Certicate revocation list (CRL)
Online Certicate Status Protocol (OCSP)
Adobe uses both CRL and OCSP.
8 A primer on electronic document security
Te following additional mechanisms can make up a PKI:
Public-Key Cryptography Standards (PKCS)A set of standard protocols for PKI used by
multiple vendors. Te standards include RSA encryption, password-based encryption,
extended certicate syntax, and cryptographic message syntax for secure multipurpose
Internet mail extensions (S/MIME).
Registration authorityUsed to run background checks on individuals who wish to obtain
a certicate.
Certicate repositoryRepositories that house digital certicates.
Key update, backup, recovery, and historyMechanisms for key maintenance and archiving.
Cross-certicationIn the absence of a single global PKI, which is highly unlikely, this
mechanism allows users from one PKI to validate certicates from users in another trusted PKI.
Time stampingA critical component of non-repudiation that ofers a time stamp from a
trusted third party.
Adobe has been deIivering persistent
document security soIutions for more
than ten years
In partnership with leading security vendors,
Adobe has been delivering persistent
document security solutions for more than
ten years. Since Adobe Acrobat was
introduced in 1994, Adobe has enabled
organizations to more successfully manage
electronic document use by encrypting
Adobe PDF les and assigning user access
permissions. Beginning in 1999, Adobe
Acrobat 4.0 ofered organizations the ability
to apply digital signatures to Adobe PDF les
for greater assurance of document
authenticity, integrity, and non-repudiation.
Adobe security solutions for end-to-end document protection
A signicantly more efective solution for protecting an electronic document is to assign security
parameters that are an integral part of the document itself. Tis approach diferentiates the
Adobe document security solutions, which enable organizations to more efectively manage the
use of electronic documents with persistent protection. By applying security parameters to the
individual document, organizations gain greater assurance in the condentiality, authenticity,
and integrity of electronically shared documents in addition to securing the communication line
or storage location.
As organizations accelerate online processing, Adobe security solutions deliver document
control and digital signature services that simplify the process of protecting sensitive electronic
documents and forms. Because Adobe solutions are designed to protect electronic documents
inside and outside the network, online and ofne, organizations can more easily extend the use
of electronic processes to reduce costs for sharing information and increase customer
satisfaction and loyalty. It is important to note that security is not an all or nothing proposal.
Security professionals must practice proper risk mitigation when evaluating solutions for their
organizations. Adobe helps with this endeavor by ofering a wide range of support from solutions
for simple assurance levels, such as click-wrap agreements, personal identication numbers
(PINs), and passwords to those requiring stronger assurance levels, such as sofware PKI, two-
factor authentication with tokens, or three-factor authentication with biometrics.
Adobe document security provides persistent, end-to-end protection throughout an electronic
documents lifecycle, including desktop solutions that make it easy for every user in an
organization to protect documents and server-based solutions that automate the application and
monitoring of document protection on an enterprise-wide basis. Whether e-mailing monthly
4JHOBUVSFJTWBMJETJHOFE
CZ+PIO4NJUI
5IFEPDVNFOUIBTOPU
CFFONPEJmFETJODFUIJT
TJHOBUVSFXBTBQQMJFE
5IFEJHJUBMTJHOBUVSFXBT
BQQMJFEBUBDFSUBJOUJNF
Pinal Peviewer - Por verification Purposes
Digitally signed by 1ohn Smith
Dn: CN 1ohn Smith, C US
Date: 2004.l0.ll ll:06:23 - 07'00' 1ohn Smith
/POSFQVEJBUJPO
Digital signatures address security requirements by providing greater assurances of document integrity, authenticity,
and non-repudiation.
9 A primer on electronic document security
statements, making tax forms available on citizen portals, sending design documents to
partners for review, approving loan applications, or preparing nancial reports, Adobe helps
organizations conduct these processes with greater assurance of document condentiality,
integrity, authenticity, non-repudiation, and accountability.
Summary of Adobe security capabiIities
Adobe Acrobat
Family*
Adobe Reader Adobe LiveCycle
Reader Extensions
ES
Adobe LiveCycle
Digital Signatures
ES
Adobe LiveCycle
Rights Management
ES
Quickly create secure
documentsfrom native
applications
Use the free, cross-
platform solution to
view and interact with
protected documents
Easily share protected
interactive Adobe PDF
documents with
external parties
Automate the process
of encrypting and
digitally signing
thousands of
electronic documents
Dynamically apply
document usage rights
to manage use online,
ofine, inside the
network, and outside
the network
Encrypt/decrypt
documents using
shared passwords, PKI,
and Adobe LiveCycle
Policy Server software
Validate recipients
digital signatures
Activate additional
functionality in the
free Adobe Reader
to enable ofne form
lling and digital
signatures
Encrypt/decrypt
documents using
shared passwords
and PKI
Manage printing,
content copying, form
lling, digital signature
use, screen reader
access, review and
comment use, page
insertion, deletion, and
rotation
Apply and validate
recipients digital
signatures
Verify author-certied
documents
Automatically apply
digital signatures
Manage online and
ofne access
Create and verify
author-certied
documents
Apply recipient digital
signatures
Automatically verify
digital signatures
Includes server and
client extensions for
PDF, Word, and Excel
Manage printing,
content copying, form
lling, digital signature
use, screen reader
access, review and
comment use, page
insertion, deletion, and
rotation
Support for Microsoft
CryptoAPI on Windows
Create and verify
author-certied
documents
Revoke access after
distribution
Support for Microsoft
CryptoAPI (MSCAPI)
on the Microsoft
Windows operating
system
Decrypt documents
using shared
passwords, PKI, and
Adobe LiveCycle
Rights Management ES
software
Support for Hardware
Security Modules
(HSMs) using PKCS#11
Establish time controls
for access
Pre-built support for
VeriSign credentials in
Adobe Reader
Audit user actions
Support for FIPS mode Leverage existing
authentication
infrastructure
(Lightweight
Directory Access
Protocol [LDAP]/
Active Directory) for
document control
* Includes Adobe Acrobat Professional, Adobe Acrobat Standard, and Adobe Acrobat Elements. Not all security features are available in all
products.
Requires documents to be rights-enabled with Adobe LiveCycle Reader Extensions ES.

Adobe Acrobat and Adobe Reader
Document authors can use Adobe Acrobat sofware to create Adobe PDF documents, and apply
encryption, permissions, and digital signatures to Adobe PDF les. Te ease and convenience of
assigning security parameters to electronic documents via Adobe Acrobat encourages users to
keep information private and condential.
Protected Adobe PDF documents can be viewed using free Adobe Reader sofware. With more
than 700 million copies distributed worldwide, Adobe Reader provides multi-platform access to
Adobe PDF les, enabling organizations to share secured documents with users outside the
rewall and on a wide variety of client computers. Adobe Reader users can view protected
documents, validate digital signatures, and verify document certication. In addition, when
documents are rights-enabled via Adobe LiveCycle Reader Extensions ES, Adobe Reader users
can digitally sign Adobe PDF les.
Document control and digital signature
capabilities are built into the Adobe Acrobat
interface, making it easy for users to add
security parameters to documents
10 A primer on electronic document security
Adobe PDF, the Portable Document Format, is a general document representation language that
has been in use for document exchange on the Internet since 1993. RFC 3778 provides updated
information on the registration of the MIME Media Type application/pdf, with particular
focus on the features that help to mitigate security concerns.
Adobe LiveCycIe Reader xtensions S
Adobe LiveCycle Reader Extensions ES enables organizations to extend the use of automated
business processes to participants who are outside the network and using disparate client
technologies. Using Adobe LiveCycle Reader Extensions ES, organizations embed usage rights in
Adobe PDF les that will activate functionality within Adobe Reader sofware. Tis hidden
functionality is automatically activated when the Adobe Reader user launches a rights-enabled
Adobe PDF document. When the user is nished working with the document, those functions
are once again disabled until the user receives another rights-enabled PDF le.
Rights-enabled Adobe PDF les allow users of Adobe Reader to save the le to a local hard drive,
ll it out, add comments and mark up content, share it with others, and submit a completed
document electronically. In addition, Adobe PDF les can be rights enabled to allow users to
digitally sign, certify, and authenticate a document. As a result, organizations can easily include
Adobe Reader users in simple and complex business processes that provide greater
assurance of document authenticity and condentiality for users outside the network.
Adobe LiveCycIe Rights Management S
Adobe LiveCycle Rights Management sofware is a document control solution that addresses the
challenges of managing access to and use of electronic documents on an enterprise-wide basis.
Adobe LiveCycle Rights Management sofware ofers a platform-independent solution for
dynamic, persistent, and robust document policy management. Adobe LiveCycle Rights
Management sofware manages three aspects of document securitycondentiality,
authorization, and accountability.
Adobe LiveCycle Rights Management ES provides a solution for assigning and managing access rights
and user permissions
1
2 3
4
Author Manage View
1. Create les
in native
applications
2. Create Adobe PDF
from native le
3. Add protection
with Adobe
LiveCycle Rights
Mangement ES
4. Authenticate &
authorize for
public viewing
using Adobe
Reader and
Adobe Acrobat
Adobe
LiveCycle
Rights
Management ES
Adobe LiveCycle Rights Mangement ES capabilities include the following:
Persistent access managementAdobe LiveCycle Rights Management ES provides all of the
persistent document control features available with Adobe Acrobat. Security policies
established on the server can include access rights and user permissions. Document authors
simply select the appropriate policy stored on the server to be applied to an Adobe PDF
document.
Dynamic security policy managementAdobe LiveCycle Rights Management ES provides
dynamic policy management so that organizations can manage document access and use afer
an Adobe PDF le has been published and distributed. Authors can update a security policy
stored on the server to change any of the user permissions, add recipients, expire documents,
With more than 700 million copies distributed
worldwide, Adobe Reader software provides
cross-platform access to Adobe PDF les,
enabling organizations to share protected
documents with users outside the rewall and
on a wide variety of client computers
Adobe LiveCycle Rights Management ES ofers
a multi-platform solution for dynamic,
persistent, and robust document
policy management
11 A primer on electronic document security
revoke previous recipients access rights, and so forth. When a document recipient is ofine,
any changes are automatically applied to the document when the recipient contacts Adobe
LiveCycle Rights Mangement ES again.
Network independenceWhether used online or offline, inside or outside the network,
the security policy applied to an Adobe PDF le remains.
Document auditingAuthors can easily monitor use of protected Adobe PDF documents with
Adobe LiveCycle Rights Management ES auditing capabilities. For each user permission
assigned to a document, Adobe LiveCycle Rights Management ES software provides a detailed
audit trail that keeps track of what each recipient did with the document, when, and how often.
Enterprise integrationAdobe LiveCycle Rights Management ES software can be integrated
with current user administration and content management technologies for cost-efficient,
centralized document control administration. It can access existing LDAP and Active
Directory implementations to check recipients credentials, and it can maintain a security
policy assigned to a document in a content management system and wherever the document
travels.
Integration with Adobe LiveCycle productsAdobe LiveCycle Rights Management ES
software provides an Adobe Document Service that can be used by other Adobe LiveCycle ES
server products to facilitate automated workows. Organizations can expand use of cost-
effective automated business processes with greater assurances that documents are more
effectively protected and regulatory requirements for maintaining information privacy can be
met.
Integration with Adobe Acrobat and Adobe ReaderAuthoring and viewing protected
documents is simple and convenient. Authors can assign document control policies to
documents with the same controls they use to create Adobe PDF les from popular
applications such as Microsoft Word. Recipients can access Adobe LiveCycle Rights
Management EScontrolled PDF files with the Adobe Reader Mac OS, Microsoft Windows,
or Linux client platforms.
Adobe LiveCycIe DigitaI Signatures S
Adobe LiveCycle Digital Signatures ES sofware enables organizations to bring more paper-based
processes online by providing digital signature and encryption capabilities in a server
environment, thus eliminating the need to manually open each le and add or verify digital
signatures. With Adobe LiveCycle Digital Signatures ES, organizations can efciently integrate
protected electronic documents with core systems and existing workows. Adobe LiveCycle
Digital Signatures ES sofware automates the processes of:
Digitally signing and certifying Adobe PDF les
Validating digital signatures applied to Adobe PDF les
Encrypting and decrypting Adobe PDF les
Integrating with a Hardware Security Module for added security capabilities and performance
Enterprises can process Adobe PDF documents with digital signatures from third-party vendors
to enable large volumes of certied documents in batch (or bulk) on the server. Before a
transaction is processed, Adobe LiveCycle Digital Signatures ES sofware opens the document
and validates it based on signature status. Tis validation includes determining whether or not a
document has been altered and whether or not it was really approved by the person who signed it.
Since Adobe LiveCycle Digital Signatures ES sofware can validate any Adobe PDF le regardless
of its use inside or outside the network, it enables organizations to extend automated processes
beyond the rewall to include customers, partners, and constituents while meeting corporate
and government regulations for protecting the privacy of electronic information.
For organizations that have deployed a PKI, Adobe LiveCycle Digital Signatures ES sofware
provides encryption and decryption capabilities. Documents that are automatically generated
can be automatically encrypted for distribution and encrypted documents that are submitted to
12 A primer on electronic document security
Adobe LiveCycle Digital Signatures ES can be automatically decrypted. Tese capabilities allow
enterprises to leverage existing technology investments in PKI and smart card solutions to
provide enhanced document protection. In addition, Adobe LiveCycle Digital Signatures ES
sofware is the only solution that provides bulk digital signature capabilities for Adobe PDF les
using HSMs.
Summary of Adobe document controI impIementation
Te following table summarizes the Adobe document control capabilities and the technologies used:
Control Type Control Mechanism Technologies
Encryption Symmetric algorithm AES (128- and 256-bit)
RC4 (128-bit)
3DES
Asymmetric algorithm RSA (up to 2048-bit)
Authorization Document permissions
(modications and use)
No changes allowed
Any changes except extracting pages
Fill in form elds
Comment and annotate
Digitally sign
Insert, delete, and rotate pages
Copy text, images, and other content
Enable text access for screen reader devices for the visually impaired
No printing allowed
Low-resolution printing only (150 dpi)
High-resolution printing
Dynamic document
control
Modify permissions after publication and distribution
Expire and revoke distributed documents
Manage ofine access
Enforce content management system security policies outside system
Accountability Auditing Know how recipient has used document
Know when usage occurred
Know how often usage occurred

Summary of Adobe digitaI signature impIemention
Te following table summarizes the Adobe digital signature capabilities and the technologies
used in their implementation:
Control Type Control Mechanism Technologies
Integrity One-way hash SHA-1 and SHA-256 algorithms
MD5
MAC/HMAC HMAC support with symmetric keys and SHA-1
Authenticity Digital signatures May be applied to any Adobe PDF document
Partnerships with leading digital signature vendors
PKCS #1, #7, #11, and #12
RSA (512-, 1024-, and 2048-bit)
DSA
Long-term signature validation support
Seed values (enforcement of certicate usage criteria)
eXtensible Markup Language (XML) signatures
MSCAPI support
Certicate validity check Certicate revocation list
Online Certicate Status Protocol (future)
Nation Institute of Standards and Technology (NIST) Public Key
Interoperability Test Suite (PKITS)
MSCAPI support
Non-repudiation Supported with authentication
and time-stamping
Adobe follows RFC 3161
13 A primer on electronic document security
Partner integrations
Adobe has partnered with leading global organizations to help provide an efective document
security environment. Whether digital signatures requiring certicates, certicate authorities,
smart cards, HSMs, or dynamic document control requiring authentication via LDAP providers,
databases, or integration services, Adobe and its partners can solve specic business needs that
require secure solutions. For more information about Adobe security partners, please visit:
http://partners.adobe.com/security.
Conclusion
Te use of sensitive and mission-critical information in electronic processes is essential
for thousands of businesses and government agencies. Adobe security solutions leverage
standards-based techniques for document control and digital signatures to provide efective
solutions that enhance the privacy and condentiality of electronic documents and forms.
With a comprehensive set of desktop- and server-based solutions, Adobe ofers convenient, easy-
to-use document security capabilities that encourage users to keep information private and help
organizations meet the strictest regulations for sharing information electronically. Adobe
security solutions enable organizations to replace paper-based business processes with electronic
processes to reap the benets of improved operational efciency, reduced costs, and increased
customer and constituent satisfaction.
Appendix: Adobe standards and technology
AESAdvanced Encryption Standard is an encryption algorithm used by U.S. government
agencies for securing sensitive but unclassied material.
Authentication TokenA small hardware device that the owner carries to authorize access to a
network service. Te device may be in the form of a smart card or may be embedded in a
commonly used object such as a key fob. Security tokens provide an extra level of assurance
through a method known as two-factor authentication. Te user has a personal identication
number that authorizes him or her as the owner of that particular device; the device then
displays a number which uniquely identies the user to the service, allowing the user to log in.
Te identication number for each user is changed frequently, usually every ve minutes or so.
CAA certicate authority is an authority in a network that issues and manages security
credentials and PKI for message encryption and digital signatures. As part of a PKI, a CA checks
with a registration authority (RA) to verify information provided by the requestor of a
digital certicate. If the RA veries the requestors information, the CA can then issue a certicate.
CAPI/MSCAPICommon Application Programming Interface is an international standard
interface that applications can use to communicate directly with ISDN equipment. Using CAPI,
an application program can be written to initiate and terminate phone calls in computers equipped
for ISDN. MSCAPI is the Microsof implementation.
Certicate (X.509)A common certicate format used in PKI systems.
CP/CPSA certicate policy and certication practice statement explain the practices
employed by a CA to provide certication services including issuing, managing, revoking,
and renewing certicates.
CRL (RFC 3280)Certicate revocation list is one of two common methods (OCSP is the other)
when using a PKI for maintaining access to servers in a network.
CSPCryptographic Service Provider
FIPSFederal Information Processing Standards are a set of standards that describe document
processing, provide standard algorithms for searching, and provide other information processing
standards for use within government agencies.
KerberosKerberos is a secure method for authenticating a request for a service in a computer
network. Kerberos lets a user request an encrypted ticket from an authentication process that
can then be used to request a particular service from a server. Te users password does not have
to pass through the network.
LDAPLightweight Directory Access Protocol is a sofware protocol for enabling anyone to
locate organizations, individuals, and other resources, such as les and devices, in a public or
corporate network.
MAC/HMACA MAC provides a digital ngerprint of a le by means of a hash. In this case, a
symmetric key is concatenated to the message and then hashed (HMAC). Without the key, an
attacker cannot forge a new message.
MD5An algorithm used to verify data integrity through the creation of a 128-bit message
digest from data input (which may be a message of any length) that is claimed to be as unique to
that specic data as a ngerprint is to a specic individual.
OCSP (RFC 2560)Online Certicate Status Protocol is one of two common schemes (CRL is
the other) for maintaining the security of a server and other network resources.
PKCSPublic-Key Cryptography Standards are a set of inter-vendor standard protocols for
making secure information exchange on the Internet using a public key infrastructure. Adobe
supports the following standards:
PKCS 1RSA Cryptography standard
PKCS 7 Cryptographic message syntax standard
PKCS 11Cryptographic token interface standard
PKCS 12Personal information exchange syntax standard
RAA registration authority is an authority that veries user requests for a digital certicate
and tells the CA to issue it. RAs are part of a PKI, a networked system that enables companies and
users to exchange information and money safely and securely.
RC4A shared key stream cipher algorithm that requires a secure exchange of a shared key
outside the specication.
RSAAn asymmetric encryption and authentication system that uses an algorithm developed in
1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. Te RSA algorithm is a commonly
used encryption and authentication algorithm and is included as part of the Web browsers
from Microsof and Netscape.
SAMLSecurity Assertion Markup Language is an XML standard that allows a user to log
in once for aff liated but separate Web sites. SAML is designed for business-to-business and
business-to-consumer transactions.
SHA-1, SHA-256Secure Hash Algorithm used to generate a condensed representation of a
message called a message digest. Te SHA-1 algorithm is required for use with the Digital
Signature Algorithm (DSA) as specied in the Digital Signature Standard (DSS) and whenever a
secure hash algorithm is required. Both the transmitter and intended receiver of a message in
computing and verifying a digital signature use the SHA-1.
Smart CardA plastic card about the size of a credit card with an embedded microchip that can be
loaded with data and used for telephone calling, electronic cash payments, and other
applications, and then periodically refreshed for additional use.
SSL/TLSSecure Socket Layer/ Transport Layer Security. Internet protocols that ensure privacy
between communicating applications and their users. When a server and client communicate,
TLS ensures that no third party may eavesdrop or tamper with any message. TLS is the successor
to the SSL.
Time-stamp Protocol (RFC 3161)A time-stamping service supports assertions of proof that a
datum existed before a particular time. RFC 3161 describes the format of a request sent to a time-
stamping authority (TSA) and of the response that is returned. It also establishes several security-
relevant requirements for TSA operation, with regards to processing requests to generate
responses.
Adobe Systems Incorporated
345 Park Avenue
San Jose, CA 95110-2704
USA
www.adobe.com
Adobe, the Adobe logo, Acrobat, Adobe LiveCycle, and Reader are either registered trademarks or trademarks of Adobe Systems Incorporated
in the United States and/or other countries. Mac OS is a trademark of Apple Computer, Inc., registered in the United States and other countries.
Linux is a registered trademark of Linus Torvalds. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in
the United States and/or other countries. All other trademarks are the property of their respective owners.
2007 Adobe Systems Incorporated. All rights reserved. Printed in the USA.
95009146 5/07
For more information
For more information about Adobe
security solutions, please visit
www.adobe.com/security